QwikSec

Security Database

CVE

CWE

Training

CVE-2009-0945

Published: May 13, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_UBUNTU

third-party-advisory

x_refsource_SECUNIA

http://support.apple.com/kb/HT3639

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

FEDORA-2009-8039

vendor-advisory

x_refsource_FEDORA

vdb-entry

x_refsource_VUPEN

http://support.apple.com/kb/HT3549

x_refsource_CONFIRM

http://googlechromereleases.blogspot.com/2009/05/stable-update-bug-fix.html

x_refsource_CONFIRM

vdb-entry

x_refsource_VUPEN

vdb-entry

x_refsource_SECTRACK

20090519 ZDI-09-022: Apple Safari Malformed SVGList Parsing Code Execution Vulnerability

mailing-list

x_refsource_BUGTRAQ

vendor-advisory

x_refsource_REDHAT

vdb-entry

x_refsource_VUPEN

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

APPLE-SA-2009-06-17-1

vendor-advisory

x_refsource_APPLE

APPLE-SA-2009-05-12

vendor-advisory

x_refsource_APPLE

third-party-advisory

x_refsource_SECUNIA

http://www.zerodayinitiative.com/advisories/ZDI-09-022

x_refsource_MISC

vdb-entry

x_refsource_BID

third-party-advisory

x_refsource_SECUNIA

safari-webkit-svglist-bo(50477)

vdb-entry

x_refsource_XF

APPLE-SA-2009-05-12

vendor-advisory

x_refsource_APPLE

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_DEBIAN

SUSE-SR:2011:002

vendor-advisory

x_refsource_SUSE

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_UBUNTU

APPLE-SA-2009-05-12

vendor-advisory

x_refsource_APPLE

third-party-advisory

x_refsource_CERT

oval:org.mitre.oval:def:11584

vdb-entry

signature

x_refsource_OVAL

vdb-entry

x_refsource_VUPEN

third-party-advisory

x_refsource_SECUNIA

FEDORA-2009-8049

vendor-advisory

x_refsource_FEDORA

http://support.apple.com/kb/HT3550

x_refsource_CONFIRM

FEDORA-2009-6166

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_UBUNTU

vdb-entry

x_refsource_VUPEN

http://code.google.com/p/chromium/issues/detail?id=9019

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

CVE-2009-0945 - Security Vulnerability | QwikSec